Per-VRF Assignment of BGP Router ID

The Per-VRF Assignment of BGP Router ID feature introduces the ability to have VRF-to-VRF peering in Border Gateway Protocol (BGP) on the same router. BGP is designed to refuse a session with itself because of the router ID check. The per-VRF assignment feature allows a separate router ID per VRF using a new keyword in the existing
bgprouter-id command. The router ID can be manually configured for each VRF or can be assigned automatically either globally under address family configuration mode or for each VRF.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see
Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to
www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for Per-VRF Assignment of BGP Router ID

Before you configure this feature, Cisco Express Forwarding (CEF) or distributed CEF (dCEF) must be enabled in the network, and basic BGP peering is assumed to be running in the network.

Information About Per-VRF Assignment of BGP Router ID

BGP Router ID

The BGP router identifier (ID) is a 4-byte field that is set to the highest IP address on the router. Loopback interface addresses are considered before physical interface addresses because loopback interfaces are more stable than physical interfaces. The BGP router ID is used in the BGP algorithm for determining the best path to a destination where the preference is for the BGP router with the lowest router ID. It is possible to manually configure the BGP router ID using the bgprouter-id command to influence the best path algorithm.

Per-VRF Router ID Assignment

The Per-VRF Assignment of BGP Router ID feature introduces the ability to have VRF-to-VRF peering in Border Gateway Protocol (BGP) on the same router. BGP is designed to refuse a session with itself because of the router ID check. The Per-VRF Assignment of BGP Router ID feature allows a separate router ID per VRF using a new keyword in the existing
bgprouter-id command. The router ID can be manually configured for each VRF or can be assigned automatically either globally under address family configuration mode or for each VRF.

Route Distinguisher

A route distinguisher (RD) creates routing and forwarding tables and specifies the default route distinguisher for a VPN. The RD is added to the beginning of an IPv4 prefix to change it into a globally unique VPN-IPv4 prefix. An RD can be composed in one of two ways: with an autonomous system number and an arbitrary number or with an IP address and an arbitrary number.

You can enter an RD in either of these formats:

Enter a 16-bit autonomous system number, a colon, and a 32-bit number. For example:

45000:3

Enter a 32-bit IP address, a colon, and a 16-bit number. For example:

192.168.10.15:1

How to Configure Per-VRF Assignment of BGP Router ID

Configuring VRF Instances

Perform this task to configure VRF instances to be used with the Per-VRF Assignment of Router ID tasks. In this task, a VRF instance named vrf_trans is created. To make the VRF functional, a route distinguisher is created. When the route distinguisher is created, the routing and forwarding tables are created for the VRF instance named vrf_trans.

Before You Begin

This task assumes that you have CEF or dCEF enabled.

SUMMARY STEPS

1.enable

2.configureterminal

3.ipvrfvrf-name

4.rdroute-distinguisher

5.route-target [import |
both]
route-target-ext-community

6.route-target [export |
both]
route-target-ext-community

7.exit

8. Repeat Step 3 through Step 7 for each VRF to be defined.

DETAILED STEPS

Command or Action

Purpose

Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configureterminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

ipvrfvrf-name

Example:

Device(config)# ip vrf vrf_trans

Defines a VRF instance and enters VRF configuration mode.

Step 4

rdroute-distinguisher

Example:

Device(config-vrf)# rd 45000:2

Creates routing and forwarding tables for a VRF and specifies the default RD for a VPN.

Use the
route-distinguisher argument to specify the default RD for a VPN. There are two formats you can use to specify an RD. For more details, see the “Route Distinguisher” section.

In this example, the RD uses an autonomous system number with the number 2 after the colon.

Step 5

route-target [import |
both]
route-target-ext-community

Example:

Device(config-vrf)# route-target import 55000:5

Creates a route-target extended community for a VRF.

Use the
import keyword to import routing information from the target VPN extended community.

Use the
both keyword to both import routing information from and export routing information to the target VPN extended community.

Use the
route-target-ext-community argument to specify the VPN extended community.

Step 6

route-target [export |
both]
route-target-ext-community

Example:

Device(config-vrf)# route-target export 55000:1

Creates a route-target extended community for a VRF.

Use the
export keyword to export routing information to the target VPN extended community.

Use the
both keyword to both import routing information from and export routing information to the target VPN extended community.

Use the
route-target-ext-community argument to specify the VPN extended community.

Associating VRF Instances with Interfaces

Perform this task to associate VRF instances with interfaces to be used with the per-VRF assignment tasks. In this task, a VRF instance named vrf_trans is associated with a serial interface.

Make a note of the IP addresses for any interface to which you want to associate a VRF instance because the
ipvrfforwarding command removes the IP address. Step 8 allows you to reconfigure the IP address.

Before You Begin

This task assumes that you have CEF or dCEF enabled.

This task assumes that VRF instances have been configured as shown in preceding “Configuring VRF Instances” task in this module.

SUMMARY STEPS

1.enable

2.configureterminal

3.interfacetypenumber

4.ipaddressip-addressmask [secondary]

5.exit

6.interfacetypenumber

7.ipvrfforwardingvrf-name [downstreamvrf-name2]

8.ipaddressip-addressmask [secondary]

9. Repeat Step 5 through Step 8 for each VRF to be associated with an interface.

10.end

11. show ip vrf [brief |
detail |
interfaces |
id] [vrf-name]

DETAILED STEPS

Command or Action

Purpose

Step 1

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configureterminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3

interfacetypenumber

Example:

Router(config)# interface loopback0

Configures an interface type and enters interface configuration mode.

In this example, loopback interface 0 is configured.

Step 4

ipaddressip-addressmask [secondary]

Example:

Router(config-if)# ip address 172.16.1.1 255.255.255.255

Configures an IP address.

In this example, the loopback interface is configured with an IP address of 172.16.1.1.

Manually Configuring a BGP Router ID per VRF

Perform this task to manually configure a BGP router ID for each VRF. In this task, several address family configurations are shown and the router ID is configured in the IPv4 address family mode for one VRF instance. Step 22 shows you how to repeat certain steps to permit the configuration of more than one VRF on the same router.

Before You Begin

This task assumes that you have previously created the VRF instances and associated them with interfaces. For more details, see the “Configuring VRF Instances” task and the “Associating VRF Instances with Interfaces” task earlier in this module.

Routing information for the IPv4 unicast address family is advertised by default for each BGP routing session configured with the
neighborremote-as router configuration command unless you configure the
nobgpdefaultipv4-unicast router configuration command before configuring the
neighborremote-as command. Existing neighbor configurations are not affected.

Customizes the AS_PATH attribute for routes received from an eBGP neighbor.

The autonomous system number from the local BGP routing process is prepended to all external routes by default.

Use the
no-prepend keyword to not prepend the local autonomous system number to any routes received from the eBGP neighbor.

In this example, routes from the neighbor at 192.168.1.1 will not contain the local autonomous system number.

Step 16

neighbor {ip-address |peer-group-name}
ebgp-multihop [ttl]

Example:

Router(config-router-af)# neighbor 192.168.1.1 ebgp-multihop 2

Accepts and attempts BGP connections to external peers residing on networks that are not directly connected.

In this example, BGP is configured to allow connections to or from neighbor 192.168.1.1, which resides on a network that is not directly connected.

Step 17

neighbor {ip-address |peer-group-name}
activate

Example:

Router(config-router-af)# neighbor 192.168.1.1 activate

Activates the neighbor under the IPV4 address family.

In this example, the neighbor 192.168.1.1 is activated.

Step 18

neighborip-addressallowas-in [number]

Example:

Router(config-router-af)# neighbor 192.168.1.1 allowas-in 1

Configures provider edge (PE) routers to allow the readvertisement of all prefixes that contain duplicate autonomous system numbers.

In the example, the PE router with autonomous system number 45000 is configured to allow prefixes from the VRF vrf-trans. The neighboring PE router with the IP address 192.168.1.1 is set to be readvertised once to other PE routers with the same autonomous system number.

Automatically Assigning a BGP Router ID per VRF

Perform this task to automatically assign a BGP router ID for each VRF. In this task, a loopback interface is associated with a VRF and the
bgprouter-id command is configured at the router configuration level to automatically assign a BGP router ID to all VRF instances. Step 9 shows you how to repeat certain steps to configure each VRF that is to be associated with an interface. Step 30 shows you how to configure more than one VRF on the same router.

Before You Begin

This task assumes that you have previously created the VRF instances as shown in the “Configuring VRF Instances” task in this module.

SUMMARY STEPS

1.enable

2.configureterminal

3.interfacetypenumber

4.ipaddressip-addressmask [secondary]

5.exit

6.interfacetypenumber

7.ipvrfforwardingvrf-name [downstreamvrf-name2]

8.ipaddressip-addressmask [secondary]

9. Repeat Step 5 through Step 8 for each VRF to be associated with an interface.

In this example, a BGP router ID is automatically assigned for each VRF instance.

Step 13

nobgpdefaultipv4-unicast

Example:

Router(config-router)# no bgp default ipv4-unicast

Disables the IPv4 unicast address family for the BGP routing process.

Note

Routing information for the IPv4 unicast address family is advertised by default for each BGP routing session configured with the
neighborremote-as router configuration command unless you configure the
nobgpdefaultipv4-unicast router configuration command before configuring the
neighborremote-as command. Existing neighbor configurations are not affected.

Customizes the AS_PATH attribute for routes received from an eBGP neighbor.

The autonomous system number from the local BGP routing process is prepended to all external routes by default.

Use the
no-prepend keyword to not prepend the local autonomous system number to any routes received from the eBGP neighbor.

In this example, routes from the neighbor at 192.168.1.1 will not contain the local autonomous system number.

Step 25

neighbor {ip-address |peer-group-name}
ebgp-multihop [ttl]

Example:

Router(config-router-af)# neighbor 192.168.1.1 ebgp-multihop 2

Accepts and attempts BGP connections to external peers residing on networks that are not directly connected.

In this example, BGP is configured to allow connections to or from neighbor 192.168.1.1, which resides on a network that is not directly connected.

Step 26

neighbor {ip-address |peer-group-name}
activate

Example:

Router(config-router-af)# neighbor 192.168.1.1 activate

Activates the neighbor under the IPV4 address family.

In this example, the neighbor 192.168.1.1 is activated.

Step 27

neighborip-addressallowas-in [number]

Example:

Router(config-router-af)# neighbor 192.168.1.1 allowas-in 1

Configures provider edge (PE) routers to allow the readvertisement of all prefixes that contain duplicate autonomous system numbers.

In the example, the PE router with autonomous system number 45000 is configured to allow prefixes from the VRF vrf-trans. The neighboring PE router with the IP address 192.168.1.1 is set to be readvertised once to other PE routers with the same autonomous system number.

Example: Manually Configuring a BGP Router ID per VRF

The following example shows how to configure two VRFs—vrf_trans and vrf_user—with sessions between each other on the same router. The BGP router ID for each VRF is configured manually under separate IPv4 address families. The
showipbgpvpnv4 command can be used to verify that the router IDs have been configured for each VRF. The configuration starts in global configuration mode.

The following example shows how to configure two VRFs—vrf_trans and vrf_user—with sessions between each other on the same router. Under router configuration mode, BGP is globally configured to automatically assign each VRF a BGP router ID. Loopback interfaces are associated with individual VRFs to source an IP address for the router ID. The
showipbgpvpnv4 command can be used to verify that the router IDs have been configured for each VRF.

After the configuration, the output of the
showipbgpvpnv4all command shows the router ID displayed next to the VRF name. Note that the router IDs used in this example are sourced from the IP addresses configured for loopback interface 1 and loopback interface 2. The router IDs are the same as in the “Example: Manually Configurinig a BGP Router ID per VRF” section.

Per-VRF Automatically Assigned Router ID

The following example shows how to configure two VRFs—vrf_trans and vrf_user—with sessions between each other on the same router. Under the IPv4 address family associated with an individual VRF, BGP is configured to automatically assign a BGP router ID. Loopback interfaces are associated with individual VRFs to source an IP address for the router ID. The output of the
showipbgpvpnv4 command can be used to verify that the router IDs have been configured for each VRF.

After the configuration, the output of the
showipbgpvpnv4all command shows the router ID displayed next to the VRF name. Note that the router IDs used in this example are sourced from the IP addresses configured for loopback interface 1 and loopback interface 2.

MIBs

RFCs

RFC

Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.

—

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

Feature Information for Per-VRF Assignment of BGP Router ID

The following table
provides release information about the feature or features described in this
module. This table lists only the software release that introduced support for
a given feature in a given software release train. Unless noted otherwise,
subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform
support and Cisco software image support. To access Cisco Feature Navigator, go
to
.
An account on Cisco.com is not required.

Table 1 Feature Information for Per-VRF Assignment of BGP Router ID

Feature Name

Releases

Feature Information

Per-VRF Assignment of BGP Router ID

12.2(31)SB2

12.2(33)SRA

12.2(33)SXH

12.4(20)T

15.0(1)S

The Per-VRF Assignment of BGP Router ID feature introduces the ability to have VRF-to-VRF peering in Border Gateway Protocol (BGP) on the same router. BGP is designed to refuse a session with itself because of the router ID check. The per-VRF assignment feature allows a separate router ID per VRF using a new keyword in the existing
bgprouter-id command. The router ID can be manually configured for each VRF or can be assigned automatically either globally under address family configuration mode or for each VRF.

The following commands were introduced or modified by this feature:
bgprouter-id,
showipbgpvpnv4.